1 <?php
2 // This script and data application were generated
by AppGini 5.72
3 // Download AppGini
for free from https://bigprof.com/appgini/download/
4
5 /*
6     ajax-callable script that returns code
for either a combo drop-down or an auto-complete
7     drop-down, based
on number of items.
8
9     REQUEST parameters:
10     ===============
11     t: table name
12     f: lookup field name
13     id: selected id
14     p: page number (
default = 1)
15     s: search term
16     o:
0 (default) for text-only or 1 for full options list
17     text: selected text
18     filterer_[filterer]: name of filterer field to be used to filter the drop-down contents
19                 must be one of the filterers defined
for the concerned field
20 */

21
// Wall-clock start of the request; the JSON response reports the difference as `elapsed`.
$start_ts = microtime(true);

// how many results to return per call, in case of json output
$results_per_page = 50;

// Translations and the application library are loaded from this script's own directory.
// The paths are built from __FILE__ and fixed file names only, never from request data.
$curr_dir = dirname(__FILE__);
foreach(array('defaultLang.php', 'language.php', 'lib.php') as $app_include){
    include("{$curr_dir}/{$app_include}");
}

// Defined outside this file; presumably halts the request while the application is in
// maintenance mode -- confirm in lib.php.
handle_maintenance();
33
// drop-downs config
//
// Allow-list of lookup fields, keyed by child table and then by lookup field name.
// The `t` and `f` request parameters are accepted only when they name an entry here, and
// every SQL identifier used further down (table, primary key, caption expression, FROM
// clause, filterer column) is taken from these constants rather than from the request.

// Lookup into `schools`; identical for every table that has a `school` field.
$school_lookup = array(
    'parent_table' => 'schools',
    'parent_pk_field' => 'id',
    'parent_caption' => '`schools`.`name`',
    'parent_from' => '`schools` ',
    'filterers' => array(),
    'custom_query' => '',
    'inherit_permissions' => false,
    'list_type' => 0,
    'not_null' => true
);

// Lookup into `departments`, optionally narrowed by the `school` filterer.
$department_lookup = array(
    'parent_table' => 'departments',
    'parent_pk_field' => 'id',
    'parent_caption' => '`departments`.`name`',
    'parent_from' => '`departments` LEFT JOIN `schools` as schools1 ON `schools1`.`id`=`departments`.`school` ',
    'filterers' => array('school' => 'school'),
    'custom_query' => '',
    'inherit_permissions' => false,
    'list_type' => 0,
    'not_null' => true
);

// PHP arrays are copied by value, so each table below gets its own independent copy.
$lookups = array(
    'schools' => array(),
    'departments' => array(
        'school' => $school_lookup
    ),
    'class_time_table' => array(
        'school' => $school_lookup,
        'department' => $department_lookup
    ),
    'exam_time_table' => array(
        'school' => $school_lookup,
        'department' => $department_lookup
    ),
    'personal_time_table' => array(),
    'student_details' => array(
        'school' => $school_lookup,
        'department' => $department_lookup
    ),
    'notices' => array(
        'school' => $school_lookup,
        'department' => $department_lookup
    )
);
150
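// XSS prevention
// CI_Input is defined outside this file; its xss_clean() is applied to captions before
// they are placed in the JSON response further down.
$xss = new CI_Input();
$xss->charset = datalist_db_encoding;

// receive and verify user input
//
// Each parameter is read through isset()/is_scalar(), so a missing key or an array-valued
// parameter (e.g. `s[]=x`) becomes an empty string. Reading $_REQUEST directly raises an
// undefined-index notice/warning for absent keys (which can end up in the response body
// when errors are displayed) and hands arrays to helpers that expect strings.
$request_params = array();
foreach(array('t', 'f', 'id', 'text', 'o', 'p', 's') as $param_name){
    $request_params[$param_name] = (
        isset($_REQUEST[$param_name]) && is_scalar($_REQUEST[$param_name])
            ? (string) $_REQUEST[$param_name]
            : ''
    );
}

// Table and field names are not escaped here; they are only trusted after the
// allow-list check against $lookups at the end of this block.
$table_name = $request_params['t'];
$field_name = $request_params['f'];

// makeSafe() is defined elsewhere; this script relies on it as the SQL-escaping step for
// values that are later placed inside quoted literals -- confirm its implementation.
$search_id = makeSafe(from_utf8($request_params['id']));

// NOTE(review): unlike `id` and `s`, the selected text is not passed through makeSafe()
// here. It is later handed to getValueGivenCaption() and xss_clean(); verify that
// getValueGivenCaption() escapes it before using it in SQL.
$selected_text = from_utf8($request_params['text']);

$returnOptions = ($request_params['o'] == 1 ? true : false);

// Page numbers below 1 (including a missing or non-numeric `p`) fall back to the first page.
$page = intval($request_params['p']);
if($page < 1) $page = 1;
$skip = $results_per_page * ($page - 1);

$search_term = makeSafe(from_utf8($request_params['s']));

// Allow-list check: only table/field pairs configured in $lookups are served.
// Everything below that interpolates $table_name / $field_name depends on this check.
if(!isset($lookups[$table_name][$field_name])) die('{ "error": "Invalid table or field." }');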
167
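// can user access the requested table?
// NOTE(review): the access-denied exit is skipped whenever `id` is non-empty, so a caller
// who is denied access to the table can still have a single parent record resolved by its
// primary key. Confirm this is intended (e.g. to display an already-selected value) and
// that the parent captions exposed this way are not sensitive.
$perm = getTablePermissions($table_name);
if(!$perm[0] && !$search_id) die('{ "error": "' . addslashes($Translation['tableAccessDenied']) . '" }');

$field = $lookups[$table_name][$field_name];

$wheres = array();

// Initialised up front: the query templates later in this script interpolate $where even
// when no condition was added, which otherwise reads an undefined variable.
$where = '';

// search term provided?
// $search_term was passed through makeSafe() when it was read. NOTE(review): unless
// makeSafe() also escapes `%` and `_`, those characters act as LIKE wildcards here.
if($search_term){
    $wheres[] = "{$field['parent_caption']} like '%{$search_term}%'";
}

// any filterers specified?
// Only filterer names configured for this field are consulted; the column name comes from
// the config, the value from the request. Array-valued parameters are ignored so that
// makeSafe() only ever receives a scalar.
if(is_array($field['filterers'])){
    foreach($field['filterers'] as $filterer => $filterer_parent){
        $filter_key = "filterer_{$filterer}";
        $filter_value = (isset($_REQUEST[$filter_key]) && is_scalar($_REQUEST[$filter_key]) ? $_REQUEST[$filter_key] : false);
        if($filter_value){
            $wheres[] = "`{$field['parent_table']}`.`$filterer_parent`='" . makeSafe($filter_value) . "'";
        }
    }
}

// inherit permissions?
if($field['inherit_permissions']){
    $inherit = permissions_sql($field['parent_table']);
    // Same `id` exception as the table-level check above.
    if($inherit === false && !$search_id) die($Translation['tableAccessDenied']);

    // permissions_sql() may have returned false at this point (when `id` was supplied);
    // only read its 'where'/'from' parts when it actually returned an array.
    if(is_array($inherit)){
        if(!empty($inherit['where'])) $wheres[] = $inherit['where'];
        if(!empty($inherit['from'])) $field['parent_from'] .= ", {$inherit['from']}";
    }
}

// single value?
// For every list type except 2, a supplied id restricts the query to that primary key.
if($field['list_type'] != 2 && $search_id){
    $wheres[] = "`{$field['parent_table']}`.`{$field['parent_pk_field']}`='{$search_id}'";
}

if(count($wheres)){
    $where = 'WHERE ' . implode(' AND ', $wheres);
}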
208
// define the combo and return the code
//
// Builds $combo->Query (and $count_query) either from the standard template or from the
// field's configured custom query, then records which value should appear selected.
// $count_query is not referenced again in the visible part of this script.
$combo = new DataCombo;
if(!$field['custom_query']){
    // Standard lookup: primary key + caption from the configured FROM clause.
    $distinct_kw = ($field['inherit_permissions'] ? 'DISTINCT ' : '');
    $combo->Query = "SELECT " . $distinct_kw . "`{$field['parent_table']}`.`{$field['parent_pk_field']}`, {$field['parent_caption']} FROM {$field['parent_from']} {$where} ORDER BY 2";
    $count_query = "SELECT count(1) FROM {$field['parent_from']} {$where}";
}else{
    // Custom query: peel off its trailing ORDER BY and WHERE clauses so that the
    // request-derived conditions in $where can be AND-ed with the configured ones.
    $custom_where = '';
    $custom_order_by = '2';
    $combo->Query = $field['custom_query'];

    $order_match = array();
    if(preg_match('/ order by (.*)$/i', $combo->Query, $order_match)){
        $custom_order_by = $order_match[1];
        $combo->Query = preg_replace('/ order by .*$/i', '', $combo->Query);
    }

    $where_match = array();
    if(preg_match('/ where (.*)$/i', $combo->Query, $where_match)){
        $custom_where = $where_match[1];
        $combo->Query = preg_replace('/ where .*$/i', '', $combo->Query);
    }

    // Re-assemble: both conditions, only the configured one, or only $where (possibly empty).
    if($custom_where){
        if($where){
            $combo->Query .= " {$where} AND ({$custom_where}) ORDER BY {$custom_order_by}";
        }else{
            $combo->Query .= " WHERE {$custom_where} ORDER BY {$custom_order_by}";
        }
    }else{
        $combo->Query .= " {$where} ORDER BY {$custom_order_by}";
    }

    // Derive the count query from everything after FROM, when the query has that shape.
    $select_parts = array();
    preg_match('/select (.*) from (.*)$/i', $combo->Query, $select_parts);
    $count_query = (isset($select_parts[2]) ? "SELECT count(1) FROM {$select_parts[2]}" : '');
}

$combo->table = $table_name;
$combo->parent_table = $field['parent_table'];
$combo->SelectName = $field_name;
$combo->ListType = $field['list_type'];

if($search_id){
    $combo->SelectedData = $search_id;
}elseif($selected_text){
    // NOTE(review): $selected_text has not been through makeSafe() in this script;
    // verify that getValueGivenCaption() escapes the caption before querying with it.
    $combo->SelectedData = getValueGivenCaption($combo->Query, $selected_text);
}
254
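// Emit the response: an HTML fragment for list type 2, JSON for every other list type.
if($field['list_type'] == 2){
    $combo->Render();
    $combo->HTML = str_replace('<select ', '<select onchange="' . $field_name . '_changed();" ', $combo->HTML);

    // return response
    // $field_name is written into markup and an inline handler without escaping; that is
    // acceptable only because it was checked against the keys of $lookups earlier.
    // NOTE(review): $combo->HTML and $combo->MatchText are emitted exactly as DataCombo
    // produced them -- presumably already HTML-escaped; verify in DataCombo::Render().
    if($returnOptions){
        ?><span id="<?php echo $field_name; ?>-combo-list"><?php echo $combo->HTML; ?></span><?php
    }else{
        ?>
            <span id="<?php echo $field_name; ?>-match-text"><?php echo $combo->MatchText; ?></span>
            <input type="hidden" id="<?php echo $field_name; ?>" value="<?php echo html_attr($combo->SelectedData); ?>" />
        <?php
    }
}else{
    /* return json */
    header('Content-type: application/json');

    // Page the results unless the query already carries its own LIMIT.
    if(!preg_match('/ limit .+/i', $combo->Query)){
        if(!$search_id) $combo->Query .= " LIMIT {$skip}, {$results_per_page}";
        if($search_id) $combo->Query .= " LIMIT 1";
    }

    $prepared_data = array();

    // Stays null when the caption branch below answers without running the query, so the
    // `more` flag can be computed without passing an undefined value to db_num_rows().
    $res = null;

    // specific caption provided and list_type is not radio?
    if(!$search_id && $selected_text){
        $search_id = getValueGivenCaption($combo->Query, $selected_text);
        if($search_id) $prepared_data[] = array('id' => to_utf8($search_id), 'text' => to_utf8($xss->xss_clean($selected_text)));
    }else{
        $res = sql($combo->Query, $eo);
        while($row = db_fetch_row($res)){
            // First row of the first page of a nullable lookup: prepend the "<none>" option.
            if(empty($prepared_data) && $page == 1 && !$search_id && !$field['not_null']){
                $prepared_data[] = array('id' => empty_lookup_value, 'text' => to_utf8("<{$Translation['none']}>"));
            }

            // NOTE(review): captions are filtered with xss_clean(), not HTML-encoded; the
            // client that renders `text` should still treat it as plain text.
            $prepared_data[] = array('id' => to_utf8($row[0]), 'text' => to_utf8($xss->xss_clean($row[1])));
        }
    }

    if(empty($prepared_data)){ $prepared_data[] = array('id' => '', 'text' => to_utf8($Translation['No matches found!'])); }

    echo json_encode(array(
        'results' => $prepared_data,
        // A full page of rows is taken to mean that another page may exist.
        'more' => ($res ? (db_num_rows($res) >= $results_per_page) : false),
        'elapsed' => round(microtime(true) - $start_ts, 3)
    ));
}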


